can't change or remove netflow setting from an ASA 5520

Unanswered Question
Apr 7th, 2010
User Badges:

I've tried in the ADSM and I've tried the CLI and I can't remove or change these entries.


Any know what I'm doing wrong here?



fw-x-5520-1(config)# flow-export destination iSP2/Swift 10.xx.x.xx 2055
ERROR: flow-export: destination already exists
fw-x5520-1(config)# no flow
fw-x5520-1(config)# no flow-export en
fw-x-5520-1(config)# no flow-export enable
ERROR: This command is no longer supported. Flow-export actions under MPF need to be removed to stop exporting NetFlow events.
fw-x5520-1(config)#

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Tulsi Ram Puttaraju Wed, 04/07/2010 - 13:54
User Badges:

try the no flow-export destination iSP2/Swift 10.xx.x.xx 2055

and then try to remove the no flow-export enable

Tulsi Ram Puttaraju Wed, 04/07/2010 - 14:13
User Badges:

how about this command:


no export destination ip-address port
no ip flow-export destination ip-address udp-port

Brent Rockburn Wed, 04/07/2010 - 14:17
User Badges:

fw-517-5520-1(config)# clear configure flow-export

ERROR: Some destinations may be in use. Remove references before attempting to delete

fw-517--5520-1(config)#


Still no worky!!

Tulsi Ram Puttaraju Wed, 04/07/2010 - 14:25
User Badges:

give the details of sh run | i flow-export


The error is showing destination in use because it value is yet to time out


try again the same command.

Brent Rockburn Wed, 04/07/2010 - 14:22
User Badges:

This appears when I do a sh run but not when I look through the config itself.


fw-517-5520-1# sh run | in flow
flow-export destination ISP2/Swift 10.66.x.x 2055
  flow-export event-type all destination 10.66.x.x
fw-517-5520-1#

douglas.ip Thu, 04/22/2010 - 09:55
User Badges:

Has this issue been resolved.  I'm having the same issue.  Thanks.


Doug

Jennifer Halim Fri, 04/23/2010 - 03:22
User Badges:
  • Cisco Employee,

Remove the netflow configuration from the policy-map first (or just remove the class that has the netflow association from the policy-map), then you would be able to remove the netflow configuration.


Hope that helps.

douglas.ip Fri, 04/23/2010 - 06:43
User Badges:

Thanks for the reply.  Here is the config for policy-map. I tried to remove the policy map but got the error below.  What is the correct commands to remove flow-export?  Thanks.


policy-map global_policy
class class-default
  flow-export event-type all destination 10.59.1.53



AlzASA(config)# no policy-map global_policy
ERROR: policy-map global_policy is being used and hence cannot be removed.

Jennifer Halim Fri, 04/23/2010 - 06:50
User Badges:
  • Cisco Employee,

Here is the steps:


no service-policy global_policy global

policy-map global_policy

     no class class-default

service-policy global_policy global

Actions

This Discussion